CVE-2018-6510

2018-05-08T18:29:00
ID CVE-2018-6510
Type cve
Reporter cve@mitre.org
Modified 2019-10-09T23:41:00

Description

A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Orchestrator. Affected releases are Puppet Puppet Enterprise: 2017.3.x versions prior to 2017.3.6.